US6757822B1ExpiredUtility
System, method and computer program product for secure communications using a security service provider manager
Est. expiryMay 31, 2020(expired)· nominal 20-yr term from priority
Inventors:Richard J. FeiertagRoshan K. ThomasJaisook RhoEve L. CohenSebastien T. RossetTimothy St. John Redmond
H04L 63/1441H04L 63/1408
89
PatentIndex Score
106
Cited by
14
References
30
Claims
Abstract
A system, method and computer program product are provided for managing the use of a plurality of security service providers during network communication. A first security service provider is utilized for affording secure communication between applications using a network. During operation, the system is monitored for events relating to the secure communication between the applications. Upon the detection of an event, a second security service provider is utilized for affording secure communication between the applications using the network.
Claims
exact text as granted — not AI-modifiedWhat is claimed is:
1. A method for managing the use of a plurality of security service providers during network communication, comprising the steps of:
(a) utilizing a first security service provider for affording secure communication between applications using a network;
(b) detecting an event relating to the secure communication between the applications; and
(c) selecting a second security service provider for affording secure communication between the applications using the network in response to the detection of the event;
wherein the second security service provider is executed on a host different from that of the first security service provider;
wherein use of the first security service provider is discontinued in response to the detection of the event;
wherein the second security service provider provides a first type of encryption that is different from that of the first security service provider.
2. The method as recited in claim 1 , wherein the event is a security-related event.
3. The method as recited in claim 2 , wherein the security-related event includes a run-time error.
4. The method as recited in claim 2 , wherein the security-related event includes an intrusion by a hacker.
5. The method as recited in claim 1 , and further comprising the step of generating a notification in response to the detection of the event.
6. The method as recited in claim 1 , wherein an address space of the applications is different from that of the security service providers.
7. The method as recited in claim 1 , wherein a host on which each of the applications is executed is different from a host on which each of the security service providers is executed.
8. The method as recited in claim 1 , wherein the secure communication between the applications is facilitated by at least one network provider.
9. A computer program product for managing the use of a plurality of security service providers during network communication, comprising:
(a) computer code for utilizing a first security service provider for affording secure communication between applications using a network;
(b) computer code for detecting an event relating to the secure communication between the applications; and
(c) computer code for selecting a second security service provider for affording secure communication between the applications using the network in response to the detection of the event;
wherein the second security service provider is executed on a host different from that of the first security service provider
wherein use of the first security service provider is discontinued in response to the detection of the event;
wherein the second security service provider provides a first type of encryption that is different from that of the first security service provider.
10. The computer program product as recited in claim 9 , wherein the event is a security-related event.
11. The computer program product as recited in claim 10 , wherein the security-related event includes a run-time error.
12. The computer program product as recited in claim 10 , wherein the security-related event includes an intrusion by a hacker.
13. The computer program product as recited in claim 9 , and further comprising computer code for generating a notification in response to the detection of the event.
14. The computer program product as recited in claim 9 , wherein an address space of the applications is different from that of the security service providers.
15. The computer program product as recited in claim 9 , wherein a host on which each of the applications is executed is different from a host on which each of the security service providers is executed.
16. The computer program product as recited in claim 9 , wherein the secure communication between the applications is facilitated by at least one network provider.
17. A security provider management system for managing the use of a plurality of security service providers during network communication, comprising:
(a) logic for utilizing a first security service provider for affording secure communication between applications using a network;
(b) logic for detecting an event relating to the secure communication between the applications; and
(c) logic for selecting a second security service provider for affording secure communication between the applications using the network in response to the detection of the event;
wherein the second security service provider is executed on a host different from that of the first security service provider;
wherein use of the first security service provider is discontinued in response to the detection of the event;
wherein the second security service provider provides a first type of encryption that is different from that of the first security service provider.
18. A method for establishing secure communication over a network using a plurality of security service providers, comprising the steps of:
(a) receiving an indication that communication is to be established on a network between a first application and a second application;
(b) choosing at least one of a plurality of security service providers for affording secure communication between the first application and the second application utilizing the network; and
(c) utilizing the chosen security service provider for affording secure communication between the first application and the second application utilizing the network;
wherein a first security service provider is executed on a host different from that of a second security service provider;
wherein use of the first security service provider is discontinued in response to the detection of an event;
wherein the second security service provider provides a first type of encryption that is different from that of the first security service provider.
19. The method as recited in claim 18 , wherein the at least one security service provider is chosen by exchanging a set of acceptable security service providers between the first application and the second application utilizing the network, and choosing at least one of the security service providers from the set.
20. The method as recited in claim 19 , wherein the at least one security service provider is chosen based on whether it is acceptable to both the first application and the second application.
21. The method as recited in claim 18 , wherein the at least one security service provider is chosen based on security requirements associated with the secure communication between the first application and the second application.
22. The method as recited in claim 18 , wherein each of the security service providers are utilized for affording secure communication between the first application and the second application using a separate network connection.
23. The method as recited in claim 18 , wherein each of the security service providers are utilized for affording secure communication between the first application and the second application using a separate network provider.
24. A computer program product for establishing secure communication over a network using a plurality of security service providers, comprising:
(a) computer code for receiving an indication that communication is to be established on a network between a first application and a second application;
(b) computer code for choosing at least one of a plurality of security service providers for affording secure communication between the first application and the second application utilizing the network; and
(c) computer code for utilizing the chosen security service provider for affording secure communication between the first application and the second application utilizing the network;
wherein a first security service provider is executed on a host different from that of a second security service provider;
wherein use of the first security service provider is discontinued in response to the detection of an event;
wherein the second security service provider provides a first type of encryption that is different from that of the first security service provider.
25. The computer program product as recited in claim 24 , wherein the at least one security service provider is chosen by exchanging a set of acceptable security service providers between the first application and the second application utilizing the network, and choosing at least one of the security service providers from the set.
26. The computer program product as recited in claim 25 , wherein the at least one security service provider is chosen based on whether it is acceptable to both the first application and the second application.
27. The computer program product as recited in claim 24 , wherein the at least one security service provider is chosen based on security requirements associated with the secure communication between the first application and the second application.
28. The computer program product as recited in claim 24 , wherein each of the security service providers are utilized for affording secure communication between the first application and the second application using a separate network connection.
29. The computer program product as recited in claim 24 , wherein each of the security service providers are utilized for affording secure communication between the first application and the second application using a separate network provider.
30. The method as recited in claim 1 , wherein the second security service provider provides a first type of encryption including data encryption standard (DES) encryption that is different from an RSA encryption that is provided by the first security service provider.Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.